United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 223 1 3- 1 450 
www.uspto.gov 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. 



CONFIRMATION NO. 



09/847,709 



05/03/2001 



Marvin Moser 



IDS 1 18673 (3037-4190) 



7018 



7590 06/22/2005 

MORGAN & FINNEGAN, L.L.P. 
345 Park Avenue 
New York, NY 10154 



EXAMINER 



KIM, JUNG W 



ART UNIT 



PAPER NUMBER 



2132 



DATE MAILED: 06/2272005 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



Office Action Summary 


Application No. 

09/847,709 


Applicant(s) 

MOSER, MARVIN 


examiner 

Jung W. Kim 


Art Unit 

2132 





-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MO NTH (S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)^ Responsive to communication(s) filed on 26 April 2005 . 
2a)S This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1 and 3-55 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 1 and 3-55 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)Q objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

1 2) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 



1. Claims 1 and 3-55 are pending. 

2. Applicant amended claims 1 , 7, 1 0, 1 9, 28, 38, 48, 49, 52 and 53 in the 
amendment filed on April 26, 2005. 

3. Claim 2 has been canceled. 

4. The amended abstract has been entered. 

Response to Amendment 

5. The objection to claim 49 is withdrawn as the amendment overcomes the 
objection. 

6. The rejection of claims 1, 3, 5-10, 12, 14-19, 21 and 23-55 under 35 U.S.C. 101 
are withdrawn as the amended claims are in compliance with 35 U.S.C. 101. 

7. In view of the new amended claims, after further search and consideration, 
claims 1 and 3-55 are rejected under 35 U.S.C. 103(a) as being unpatentable over Korn 
U.S. Patent No. 6,880,083 (hereinafter Korn) in view of W3C HTML 4.01 Specification 
(hereinafter W3C) as outlined below in the section titled Claim Rejections 35 U.S.C. 
103. 
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Response to Arguments 

8. Applicant's arguments filed April 26, 2005 (Remarks) have been fully considered 
but they are not persuasive. The following response addresses applicant's arguments 
with regard to the rejections made to the original claims. 

9. In response to applicant's argument that the references fail to show certain 
features of applicant's invention, it is noted that the features upon which applicant relies 
(i.e., preventing an unauthorized user from inspecting or reverse engineering a web 
browser script stored in a web server; transferring information between a web server 
and a client computer via a public network without encryption [Remarks, pgs 13-14, A- 
B]) are not recited in the rejected claim(s). Although the claims are interpreted in light of 
the specification, limitations from the specification are not read into the claims. See In 
re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). 

10. As per claim 1 , applicant argues Saito in view of W3C does not teach the 
following limitations (Remarks, pg. 16): 

a. "storing an encrypted script in a web server"; this limitation is a new issue 
and is addressed below; 

b. "storing an hypertext object including a reference to the encrypted script in 
a modified web page"; this limitation is a new issue and is addressed below; 
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c. "storing a decryption program, capable of decrypting the encrypted script, 
the hypertext object including a reference to the decryption program"; as outlined 
in the previous Office action (January 12, 2005) and below, one of ordinary skill 
in the art would utilize the call procedure as outlined in the W3C disclosure to 
invoke the applet decryption program located in the remote location (W3C, 
section 13.3, especially section 13.3.1, 'Inline vs. external data'; section 13.4) 
since it enables greater flexibility to store and retrieve programs and data sets; 
this property is essential to distribute information over a plurality of servers for 
reasons such as more efficient distribution of work or compartmentalization of 
secure resources; 

d. "whereby access to the hypertext object only allows access to the 
encrypted script"; Saito clearly discloses the applet is needed to decrypt the 
script. Saito, col. 15:6-29. 

11. As per claim 7, applicant argues Saito in view of W3C does not teach the 
following limitation (Remarks, pg. 17): 

e. "forming a modified web server page including the encrypted script in a 
hypertext object"; this limitation is a new issue and is addressed below. Also, 
regarding applicant's argument that "a modified web page is not formed at a 
server to enable a web browser to select a decryption program, since the 
decryption program is automatically transferred to the web browser. Col 15, lines 
6-12." (Remarks, pg. 17, 4 th paragraph), this rational is not consistent with the 
instant specification. Applicant's own disclosure identifies the step of 



Application/Control Number: 09/847,709 Page 5 

Art Unit: 2132 

"requesting" as either a processes initiated by a user or an automatic process 
through the web browser. Specification, pg. 3, last paragraph. As such, the 
invocation of the HTML tag pointing to an applet with a remote URI is consistent 
with the instant specification-the web browser requests the decryption program 
from the remote URI. 

12. As per claim 10, the issues argued by the applicant (Remarks, pg. 18) are new 
issues and are addressed below. 

13. As per claim 19, the issues argued by the applicant (Remarks, pg. 18) are 
parallel to those of claims 7 and 10; hence, these issues have been addressed above. 

14. As per claim 28, the issues argued by the applicant (Remarks, pg. 19) are either 
new issues addressed below or are issues parallel to those of claim 7, which has been 
addressed above. 

15. As per claim 38, the issues argued by the applicant (Remarks, pg. 20) are new 
issues and are addressed below. 

16. As per claim 48, the issues argued by the applicant (Remarks, pg. 20) are new 
issues and are addressed below. 

17. As per claim 52, the issues argued by the applicant (Remarks, pg. 21) are new 
issues and are addressed below. 

Claim Rejections - 35 USC § 103 

18. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

19. Claims 1 and 3-55 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Korn U.S. Patent No. 6,880,083 (hereinafter Korn) in view of W3C HTML 4.01 
Specification (hereinafter W3C). 

20. As per claims 1 and 4, Korn discloses a method executable in a computer that 
restricts access to a WWW script comprising the steps of: 

f. storing an encrypted script in a web server and storing a decryption 
program on a server capable of decrypting the encrypting script (Korn, col. 2:14- 
30; 3:15-20, 30-33); 

g. wherein a user's WWW browser downloads the encrypted script and the 
decryption program, and decrypts the encrypted script with the decryption 
program (Korn, 3:33-59); 

h. wherein the script runs in the WWW browser (Korn, 3:59-60). 

21 . Korn does not expressly teach a hypertext object including a reference to the 
encrypted script in a modified web page and a reference to the decryption program 
whereby access to the hypertext object only allows access to the encrypted script. 
W3C teaches incorporating a hypertext object within an html page to invoke objects that 
perform dynamic tasks, including functions defined by applets; furthermore, the 
hypertext object includes parameters to identify the location of remote data read in by 
the objects to perform the dynamic tasks. W3C, section 13.3, especially section 13.3.1, 
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'Inline vs. external data'; section 13.4. It would be obvious to one of ordinary skill in the 
art at the time the invention was made to store a hypertext object including a reference 
to the encrypted script in a modified web page and a reference to the decryption 
program whereby access to the hypertext object only allows access to the encrypted 
script since the invocation of remote objects and remote data sets using hypertext 
enables access to dynamic programs and data sets from a remote location, which 
enables greater flexibility to store and retrieve programs and data sets. Ibid. Finally, a 
web server serves the hypertext to the WWW browser. The aforementioned cover the 
limitations of claims 1 and 4. 

22. As per claims 3, 5 and 6, the rejections of claims 1 and 4 under 35 U.S.C. 103(a) 
are incorporated herein, (supra) In addition, each of the hypertext object, the encrypted 
script and the decryption program are downloadable (ibid); further, it has been found to 
be obvious to consolidate multiple objects. See In re Larson 144 USPQ 347 (CCPA 
1965). The aforementioned cover the limitations of claim 3, 5 and 6. 

23. As per claim 7, the rejections of claims 1 and 4 under 35 U.S.C. 103(a) are 
incorporated herein, (supra) In addition, the steps of: selecting an encryption algorithm, 
selecting an encryption key, and creating the encrypted script by executing the 
encryption algorithm and applying the encryption key are necessary steps to encrypt a 
script as known to one of ordinary skill in the art. Moreover, Korn teaches the step of 
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forming a modified web server page including a hypertext object. Col. 2:28-35 and 
3:30-32. The aforementioned cover the limitations of claim 7. 



24. As per claims 8 and 9, the rejection of claim 7 under 35 U.S.C. 103(a) are 
incorporated herein, (supra) In addition, it is notoriously well-known that symmetric 
encryption and public key encryption are the two encryption techniques to secure digital 
information. Examiner takes Official Notice of this teaching. It would be obvious to one 
of ordinary skill in the art to use symmetric encryption or public key encryption to secure 
the script since these methods are well implemented and have been found to be secure. 
The aforementioned cover the limitations of claims 8 and 9. 

25. As per claims 1 0-1 8, the rejections of claims 1 -9 under 35 U.S.C. 1 03(a) are 
incorporated herein, (supra) In addition, an encrypted script, by definition, conceals 
and restricts access to the script. The aforementioned cover the limitations of claims 
10-18. 



26. As per claims 19-27, the rejections of claims 10-18 under 35 U.S.C. 103(a) are 
incorporated herein, (supra) In addition, the hypertext object modifies a reference to the 
script to refer to the encrypted script and further modified to include a reference to the 
decryption program. Korn, col. 2:28-35 and 3:30-32. The aforementioned cover the 
limitations of claims 19-27. 
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27. As per claims 28-47, the rejections of claims 10-18 under 35 U.S.C. 103(a) are 
incorporated herein, (supra) In addition, the method restricts access to the script by 
invoking the following steps (Korn, 3:33-60; see W3C, section 13.3, especially section 
13.3.1): 

i. receiving a request for a hypertext object including a reference to an 
encrypted script and a reference to a decryption program capable of decrypting 
the encrypted script (client request access to encrypted script and decrypting 
applet from web server using WWW browser); 

j. transferring the hypertext object (response by web server to client); 

k. receiving the hypertext (client receives web page from web server); 

I. issuing a request for the decryption program (hypertext object within web 

page requests for remote applet: parameter identifies location of applet); 

m. receiving a request for the decryption program (web server receives applet 

request from client browser); 

n. transferring the decryption program (web server sends applet to client 
browser) 

o. issuing a request for the encrypted script (data parameter of hypertext 
object identifies location of remote data source to supply invoked applet); 
p. receiving a request for the encrypted script (remote data source receives 
request to supply remote data); 

q. transferring the encrypted script (remote data source transmits remote 
data); 
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r. decrypting the encrypted script (applet decrypts supplied encrypted data); 
and 

s. presenting the hypertext object on a display device (WWW browser 
reproduces unencrypted data). 
The aforementioned cover the limitations of claims 28-47. 

28. As per claims 48-55, they are system claims corresponding to claims 1 and 3-47 
and they do not teach or define above the information claimed in claims 1 and 3-47. 
Therefore, claims 48-55 are rejected as being unpatentable over Korn in view of W3C 
for the same reasons set forth in the rejections of claims 1 and 3-47. 

Conclusion 

29. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jung W. Kim whose telephone number is (571) 272- 
3804. The examiner can normally be reached on M-F 9:00-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571) 272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Jung W Kim 
Examiner 
Art Unit 2132 

Jk 

June 14, 2005 




